• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question [Fail2Ban] How redirect banned traffic to a static page?

T

Tomek

Regular Pleskian
Right now when Fail2Ban ban the website owner IP, the user does not know what is happening. He thinks that his website is down.

I would like to let the user know that his IP has been banned and provide contact information.

I am thinking of redirecting traffic to a static page with this information.

But how to make it? How redirect banned traffic to a static page?

Or maybe there is a better solution to this problem?
 
Last edited:
Fail2Ban places a rule in iptables by which the traffic (the actual data packets) are blocked. It is not possible to redirect such packets to a specific website, as they are blocked on a low level that does not know anything about the existance of websites.
 
Thank you very much Peter for your response and explanation.

In other words, there is no way to tell the user that he has been banned?


I especially think about plesk-wordpress and plesk-modsecurity jail.

With enabled plesk-modsecurity jail, it is practically impossible to use Wordpress plugins and not be banned.

Does ModSecurity need enabled plesk-modsecurity jail in Fail2Ban to work properly?
 
ModSecurity is independent of Fail2Ban. These two are different things. ModSecurity blocks single URL requests that match a certain URL pattern. It does not block IP addresses.

The ModSecurity jail is a Fail2Ban jail that reads ModSecurity data and blocks IP addresses that have before been blocked in the ModSecurity context. The "modsecurity" fail2ban jail is not required for ModSecurity to operate correctly.
 
This is good news :)

I will turn off the plesk-modsecurity jail and I will check how everything works.

Again, thank you very much Peter :)


I ask to be sure. There is no way to tell "plesk-wordpress jail" banned users, that they have been banned?
 
Last edited:
You must log in or register to reply here.

Similar threads

E
fail2ban: plesk-wordpress jail is to restrictive
Replies
1
Views
6K
Kaspar@Plesk
Kaspar@Plesk
AdrianC
Question php82-fpm stops responding, how to tune, debug, check variables
Replies
4
Views
1K
AdrianC
AdrianC
C
Issue Correct IPV6 Traffic Routing
Replies
0
Views
420
Change Maker
C
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
3K
The 8th
The 8th
C
Question Strange SNI (?) issue related to IPv6 (?)
Replies
2
Views
782
Carbon Dioxide
C
Back
Top